PG configuration

Discussion in 'ProcessGuard' started by A884126, May 26, 2004.

Thread Status:
Not open for further replies.
  1. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Hello.

    I need a little feedback on the configuration of Program Protection.

    Do you see something dumb in my rules?

    Cheers

    NB: this is my second day with PG and I am trying to understand how it works...
     
    Last edited: Jun 13, 2004
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi A884126, On a quick look nothing too bad but you could add Close Message handling to TDS3 and it does not require allow global hooks Just the four blocks blocks.

    If you can save your protection list to a .txt file and post it, it will be of more use to formulate a better reply.

    Thanks - Pilli
     
  3. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    No problem I will post the *.txt file when I get back home from work later on.

    Do you mean that TDS does not need any "Allowed Privileges"?

    To tell you the truth I set up options more by instinct than by a rational way. As I do not master yet all the subtleties of PG.

    Cheers
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi A884126, TDS3 does not need allow privs or global hooks to operate nor do many other programmes apart from those on the default list, Firewalls & AV's sometimes require them but you can see what is what by watching the logging, if you get continuous logging then give the necessary allows.
    BTW Close Message handling is still experimental as you can see by reading through some of the previous posts about it.

    HTH Pilli
     
  5. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    I made this configuration only for TaskManager because of a recommendation I found in the forum.

    Sorry but it seems I cannot attached any extra files...
    Also the picture of my first post has also been updated.

    Cheers
     
  6. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    You can remove items 18, 21. No need to add protection to these :)

    Consider looking at your firewall ruleset, add protection for anything with internet access to help prevent injections/bypassing (does your firewall offer DLL authentication, does it protect itself against bypassing?)
     
  7. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    I have serious concern as many users, with my actual firewall. Many BSOD with Outpost. At the present time Agnitum guys did not find any solution. Also I give them a month before moving to ZA Pro 5.

    Outpost yes. ZA I do not know yet.

    Cheers

    PS: modification has been made for items 18 and 21.
     
  8. stalker

    stalker Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    152
    Location:
    Ljubljana, Slovenia


    It sure does, at least Pro version. Don't know exactly from which version above, but see:

    ZoneLabs ZoneAlarmPro ReleaseHistory


    and if this link not work (I slighlty modified URL to point to root page), try:

    ZoneLabs ZoneAlarmPro ReleaseHistory v_4.0.146.029 ... THE VERSION I AM USING ...



    Also I do not have good experiences with version above 4.5 (conflicting with one of programs I WAS using, and cause of that I do not use it not anymore, probably cause of added OpenProcess() function monitoring ...), and especially above 5.0.

    They (the newest) contains also Antvirus, and various other additional protection methods, but I already use and trust my CA EZ eTrust Antivirus, version: 6.1.7.0, and I like software to be specializing in one thing (i.e. firewall to be just firewall, antivirus just antivirus, etc.), and not being some sort of All-in-1 tool.



    P.S., Look also my post about why Zone Alarm is the best firewall for me at:

    The best firewall (reliable, powerful, etc.) EVER in my opinion - Zone Alarm



    HTH
     
Thread Status:
Not open for further replies.